CVE-2018-8905

Published March 22nd, 2018

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

6.8

MEDIUM

Affected

PROJECTS

Description

In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.

libtiff/libtiff

TIFF Library and Utilities

GitLab

halfbitteam/POCs

GitHub